US12413585B2ActiveUtilityA1

System and method for electronic authentication of electronic distributed network traffic via enriched data

44
Assignee: BANK OF AMERICAPriority: Jan 17, 2023Filed: Jan 17, 2023Granted: Sep 9, 2025
Est. expiryJan 17, 2043(~16.5 yrs left)· nominal 20-yr term from priority
H04L 63/1425H04L 41/16H04L 63/0876H04L 63/08
44
PatentIndex Score
0
Cited by
18
References
15
Claims

Abstract

Embodiments of the invention are directed to systems, computer program products, and methods for electronic authentication of electronic distributed network traffic via enriched data. An authorization request is provided from a user of a first endpoint device to send or receive data with a second endpoint device. A request for a first authentication credential to the first endpoint device is transmitted, and an authentication transmission is received by the system. An enhanced authentication engine is initialized, which collects, by a middleware, data flow from an identity database to the enhanced authentication engine. A metadata source is combined with the data flow to form a combined data, which is transmitted to an alert engine.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A system for electronic authentication of electronic distributed network traffic via enriched data, the system comprising:
 at least one non-transitory storage device; and 
 at least one processing device coupled to the at least one non-transitory storage device, 
 wherein the at least one processing device is configured to:
 receive an authorization request from a user of a first endpoint device to send or receive data with a second endpoint device; 
 transmit a request for a first authentication credential to the first endpoint device; 
 receive, via an authentication transmission, the first authentication credential from the user on a user interface of the first endpoint device; 
 initialize an enhanced authentication engine by transmitting attributes of the authentication transmission to the enhanced authentication engine, wherein the enhanced authentication engine comprises a machine learning model and a middleware component, the middleware component for assembling multiple data sources in real-time, and wherein the enhanced authentication engine is configured to:
 collect, by the middleware component, a second data flow to the enhanced authentication engine, the second data flow relating to network traffic passing to the enhanced authentication engine and comprising at least one geolocation as a known threat indicator; 
 combine into a combined data, by the middleware component, a metadata source with the second data flow; 
 initiate the machine learning model, wherein the machine learning model is configured to at least one of: (i) receive threat indicators as training data, and (ii) recognize patterns in the combined data; 
 determine, via the machine learning model, anomalies in the combined data; 
 transmit the combined data to an alert engine, wherein the alert engine is configured to transmit an alert to an authorization device if there is an anomaly in the combined data as determined by the machine learning model; 
 authorize the authorization request if there is no anomaly in the combined data; 
 transmit a request for a second authentication credential to an auxiliary endpoint device if there is an anomaly in the combined data determined by the machine learning model; 
 receive, via a second authentication transmission, the second authentication credential from the user on the user interface of the auxiliary endpoint device; and 
 authorize the authorization request if the second authentication credential is accepted. 
 
 
 
     
     
       2. The system of  claim 1 , wherein the enhanced authentication engine is further configured to:
 transmit the alert to the authorization device, the alert comprising details of the anomaly; and 
 display the alert on a user interface of the authorization device. 
 
     
     
       3. The system of  claim 1 , wherein the first endpoint device comprises a geolocation module and a forwarding engine operatively coupled to the middleware component. 
     
     
       4. The system of  claim 1 , wherein the metadata source comprises geolocation data of the first endpoint device. 
     
     
       5. The system of  claim 2 , wherein the alert comprises an input, the input configured to:
 receive a new threat indicator from a supervising user; and 
 store the new threat indicator in an identity database. 
 
     
     
       6. A computer program product for electronic authentication of electronic distributed network traffic via enriched data, the computer program product comprising a non-transitory computer-readable medium comprising code causing a first apparatus to:
 receive an authorization request from a user of a first endpoint device to send or receive data with a second endpoint device; 
 transmit a request for a first authentication credential to the first endpoint device; 
 receive, via an authentication transmission, the first authentication credential from the user on a user interface of the first endpoint device; 
 initialize an enhanced authentication engine by transmitting attributes of the authentication transmission to the enhanced authentication engine, wherein the enhanced authentication engine comprises a machine learning model and a middleware component, the middleware component for assembling multiple data sources in real-time, and wherein the enhanced authentication engine is configured to:
 collect, by the middleware component, a second data flow to the enhanced authentication engine, the second data flow relating to network traffic passing to the enhanced authentication engine and comprising at least one geolocation as a known threat indicator; 
 combine into a combined data, by the middleware component, a metadata source with the second data flow; 
 initiate the machine learning model, wherein the machine learning model is configured to at least one of: (i) receive threat indicators as training data, and (ii) recognize patterns in the combined data; 
 determine, via the machine learning model, anomalies in the combined data; 
 transmit the combined data to an alert engine, wherein the alert engine is configured to transmit an alert to an authorization device if there is an anomaly in the combined data as determined by the machine learning model; 
 authorize the authorization request if there is no anomaly in the combined data; 
 transmit a request for a second authentication credential to an auxiliary endpoint device if there is an anomaly in the combined data determined by the machine learning model; 
 receive, via a second authentication transmission, the second authentication credential from the user on the user interface of the auxiliary endpoint device; and 
 authorize the authorization request if the second authentication credential is accepted. 
 
 
     
     
       7. The computer program product of  claim 6 , wherein the enhanced authentication engine is further configured to:
 transmit the alert to the authorization device, the alert comprising details of the anomaly; and 
 display the alert on a user interface of the authorization device. 
 
     
     
       8. The computer program product of  claim 6 , wherein the first endpoint device comprises a geolocation module and a forwarding engine operatively coupled to the middleware component. 
     
     
       9. The computer program product of  claim 6 , wherein the metadata source comprises geolocation data of the first endpoint device. 
     
     
       10. The computer program product of  claim 7 , wherein the alert comprises an input, the input configured to:
 receive a new threat indicator from a supervising user; and 
 store the new threat indicator in an identity database. 
 
     
     
       11. A method for electronic authentication of electronic distributed network traffic via enriched data, the method comprising:
 receiving an authorization request from a user of a first endpoint device to send or receive data with a second endpoint device; 
 transmitting a request for a first authentication credential to the first endpoint device; 
 receiving, via an authentication transmission, the first authentication credential from the user on a user interface of the first endpoint device; 
 initializing an enhanced authentication engine by transmitting attributes of the authentication transmission to the enhanced authentication engine, wherein the enhanced authentication engine comprises a machine learning model and a middleware component, the middleware component for assembling multiple data sources in real-time, and wherein the enhanced authentication engine is configured to:
 collect, by the middleware component, a second data flow to the enhanced authentication engine, the second data flow relating to network traffic passing to the enhanced authentication engine and comprising at least one geolocation as a known threat indicator; 
 combine into a combined data, by the middleware component, a metadata source with the second data flow; 
 initiate the machine learning model, wherein the machine learning model is configured to at least one of: (i) receive threat indicators as training data, and (ii) recognize patterns in the combined data; 
 determine, via the machine learning model, anomalies in the combined data; 
 transmit the combined data to an alert engine, wherein the alert engine is configured to transmit an alert to an authorization device if there is an anomaly in the combined data as determined by the machine learning model; 
 authorize the authorization request if there is no anomaly in the combined data; 
 transmit a request for a second authentication credential to an auxiliary endpoint device if there is an anomaly in the combined data determined by the machine learning model; 
 receive, via a second authentication transmission, the second authentication credential from the user on the user interface of the auxiliary endpoint device; and 
 authorize the authorization request if the second authentication credential is accepted. 
 
 
     
     
       12. The method of  claim 11 , wherein the enhanced authentication engine further configured to:
 transmit the alert to the authorization device, the alert comprising details of the anomaly; and 
 display the alert on a user interface of the authorization device. 
 
     
     
       13. The method of  claim 11 , wherein the first endpoint device comprises a geolocation module and a forwarding engine operatively coupled to the middleware component. 
     
     
       14. The method of  claim 11 , wherein the metadata source comprises geolocation data of the first endpoint device. 
     
     
       15. The method of  claim 11 , wherein the alert comprises an input, the input configured to:
 receive a new threat indicator from a supervising user; and 
 store the new threat indicator in an identity database.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.